Apache Tomcat – CVE-2021-25329 Incomplete fix for CVE-2020-9484 (RCE via session persistence)
The fix for CVE-2020-9484 was incomplete. When using a highly unlikely configuration edge case, the Tomcat instance was still vulnerable
Read MoreThe fix for CVE-2020-9484 was incomplete. When using a highly unlikely configuration edge case, the Tomcat instance was still vulnerable
Read MoreThe BitRAT Remote Access Trojan (RAT) has been observed recently being delivered by APOMacroSploit, a macro exploit generator that can
Read MoreMicrosoft has issued several security updates for Microsoft Exchange Server to address vulnerabilities that have been used in limited targeted attacks. Due to the critical nature of these
Read MoreCVE number = CVE-2021-1388 A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services
Read MoreCVE numbers = CVE-2021-1393 & CVE-2021-1396 Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain
Read MoreCVE number = CVE-2021-1361 A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches
Read MoreDBAPPSecurity identified a zero-day exploit present in targeted Bitter APT attacks. They discovered the in-the-wild sample in December 2020 and
Read MorePalo Alto have published a blog post analyzing IronNetInjector, a new malware loading tool attributed to Turla. IronNetInjector is composed
Read MoreWe are receiving lots of reports of spam e-mails that appear to come from the starsupial.eu domain name. The spam
Read MorevSphere Replication contains a post-authentication command injection vulnerability in “Startup Configuration” page. VMware has evaluated this issue to be ‘Important’ severity with
Read More